Cara Setting Bypass Hit Squid,Mangle

Game,Queue Tree,Browsing Terbaru di Mikrotik

Ada beberapa perbedaan dengan tutorial sebelumnya,disini juga membagi Https di queue tree dan

untuk Limit extention di gabung ke dalam Semua Down , jadi misalnya bandwidth 2 MB didalam 2

MB tersebut saya namakan ALL DOWN yang di dalamnya ada:Browsing (Http),Https dan Limit

Extention,kemudian untuk upload saya gunakan parent=global-out tidak parent=proxy karna mangle

saya gunakan postrouting yang di serahakan ke proxy external ini akan membuat Hit Proxy menjadi

besar..anda bisa test speedtest untuk test nya ,ok mari kita mulai:

Bagi yang menggunakan PC mikrotik supaya sinkron dengan scripts di bawah silahkan upgrade dulu

PC mikrotiknya dengan Os.5.18

Topologi Jaringan:

Ether1 - public

Modem

Ether2 - local

HUB (Client)

Ether3 - proxy

External Proxy



Ganti nama interface menjadi internet,local,proxy supaya sesuai dengan scripts tutorial berikut ,

perintahnya:

Pastekan di

“New Terminal”

winbox

/interface set 0 name=public \ ;/interface set 1 name=local \ ;/interface set 2 name=proxy



Set Jam supaya tidak berubah-ubah:

Pastekan di

“New Terminal”

winbox

/system ntp client \

set enabled=yes mode=unicast \ primary-ntp=152.118.24.8 \ secondary-ntp=202.169.224.16



System Note:

/system note set note=sastraamijaya show-at-login=yes



NAT Transparent Proxy dan Local Masquerade:

Tulisan yang saya kasih

warna

merah di bawah ini sesuaikan dengan network proxy anda dan ip

address proxy anda dan juga port proxy anda:

Edit Sebelum di Pastekan di

“New Terminal”

winbox

/ip firewall nat

add action=nat chain=dstnat comment="TRANSPARENT PROXY" disabled=no dst-port=80 in-interface=local protocol=tcp src-address=!192.168.254.0/24 to-addresses=192.168.254.2 to-ports=3128

/ip firewall nat

add action=masquerade chain=srcnat comment=MASQUERADE disabled=no



Ip firewall layer7-protocol untuk melimit download seperti rar,zip,youtube,exe,dll kecuali file yang

tersimpan di proxy otomatis loss:

Pastekan di

“New Terminal”

winbox

/ip firewall layer7-protocol

add name="YOUTUBE DOWNLOAD" regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"

add name=EXE regexp=\\.(exe)

add name=RAR regexp=”\\.(rar)” add name=ZIP regexp=”\\.(zip)” add name=7z regexp=”\\.(7z)” add name=WMV regexp=”\\.(wmv)” add name=MPG regexp=”\\.(mpg)” add name=MPEG regexp=”\\.(mpeg)” add name=AVI regexp=”\\.(avi)” add name=FLV regexp=”\\.(flv)” add name=WAV regexp=”\\.(wav)” add name=MP3 regexp=”\\.(mp3)” add name=MP4 regexp=”\\.(mp4)” add name=ISO regexp=”\\.(iso)” add name=3GP regexp=”\\.(3gp)” add name=MOV regexp=”\\.(mov)” add name=MKV regexp=”\\.(mkv)”

add name=”YOUTUBE STREAMING” regexp=youtube add name=PORN regexp=porn

add name=TUBE regexp=tube add name=VIDEO regexp=video add name=MOVIE regexp=movie



Ip Firewall Filter Drop Virus:

Pastekan di

“New Terminal”

winbox

/ip firewall filter

add action=accept chain=input disabled=no dst-port=8291 protocol=tcp add action=drop chain=forward connection-state=invalid disabled=no add action=drop chain=virus disabled=no dst-port=135-139 protocol=tcp add action=drop chain=virus disabled=no dst-port=1433-1434 protocol=tcp add action=drop chain=virus disabled=no dst-port=445 protocol=tcp

add action=drop chain=virus disabled=no dst-port=445 protocol=udp add action=drop chain=virus disabled=no dst-port=593 protocol=tcp

add action=drop chain=virus disabled=no dst-port=1024-1030 protocol=tcp add action=drop chain=virus disabled=no dst-port=1080 protocol=tcp add action=drop chain=virus disabled=no dst-port=1214 protocol=tcp add action=drop chain=virus disabled=nodst-port=1363 protocol=tcp add action=drop chain=virus disabled=nodst-port=1364 protocol=tcp add action=drop chain=virus disabled=no dst-port=1368 protocol=tcp add action=drop chain=virus disabled=no dst-port=1373 protocol=tcp add action=drop chain=virus disabled=no dst-port=1377 protocol=tcp add action=drop chain=virus disabled=no dst-port=2745 protocol=tcp add action=drop chain=virus disabled=no dst-port=2283 protocol=tcp add action=drop chain=virus disabled=no dst-port=2535 protocol=tcp add action=drop chain=virus disabled=no dst-port=2745 protocol=tcp add action=drop chain=virus disabled=no dst-port=3127 protocol=tcp add action=drop chain=virus disabled=no dst-port=3410 protocol=tcp add action=drop chain=virus disabled=no dst-port=4444 protocol=tcp add action=drop chain=virus disabled=no dst-port=4444 protocol=udp add action=drop chain=virus disabled=no dst-port=5554 protocol=tcp add action=drop chain=virus disabled=no dst-port=8866 protocol=tcp add action=drop chain=virus disabled=no dst-port=9898 protocol=tcp add action=drop chain=virus disabled=no dst-port=10080 protocol=tcp add action=drop chain=virus disabled=no dst-port=12345 protocol=tcp add action=drop chain=virus disabled=no dst-port=17300 protocol=tcp add action=drop chain=virus disabled=no dst-port=27374 protocol=tcp add action=drop chain=virus disabled=no dst-port=65506 protocol=tcp add action=jump chain=forward disabled=no jump-target=virus

add action=drop chain=input connection-state=invalid disabled=no add action=accept chain=input disabled=no protocol=udp

add action=accept chain=input disabled=no limit=50/5s,2 protocol=icmp add action=drop chain=input disabled=no protocol=icmp

add action=accept chain=input disabled=no dst-port=21 protocol=tcp add action=accept chain=input disabled=no dst-port=22 protocol=tcp add action=accept chain=input disabled=no dst-port=23 protocol=tcp add action=accept chain=input disabled=no dst-port=80 protocol=tcp add action=accept chain=input disabled=no dst-port=8291 protocol=tcp add action=accept chain=input disabled=no dst-port=1723 protocol=tcp add action=accept chain=input disabled=no dst-port=23 protocol=tcp add action=accept chain=input disabled=no dst-port=80 protocol=tcp add action=accept chain=input disabled=no dst-port=1723 protocol=tcp

add action=add-src-to-address-list \address-list=DDOS address-list-timeout=15s \chain=input disabled=no dst-port=1337 protocol=tcp

add action=add-src-to-address-list list=”port scanners” \address-list-timeout=2w chain=input \comment=”Port scanners to list “ \disabled=no protocol=tcp psd=21,3s,3,1

add action=add-src-to-address-list list=”port scanners” \address-list-timeout=2w chain=input \comment="SYN/FIN scan" disabled=no \protocol=tcp tcp-flags=fin,syn

add action=add-src-to-address-list list=”port scanners” \address-list-timeout=2w chain=input \comment="SYN/RST scan" disabled=no \protocol=tcp tcp-flags=syn,rst

add action=add-src-to-address-list list=”port scanners” \address-list-timeout=2w chain=input \comment=”FIN/PSH/URG scan” disabled=\no

protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack

add action=add-src-to-address-list list=”port scanners” \address-list-timeout=2w chain=input \comment=”ALL/ALL scan” disabled=no \protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg

add action=add-src-to-address-list list=”port scanners” \address-list-timeout=2w chain=input \comment=”NMAP NULL scan” disabled=no \

protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg

add action=accept chain=input \comment=”ANTI NETCUT” disabled=no dst-port=\ 0-65535 protocol=tcp \src-address=61.213.183.1-61.213.183.254

add action=accept chain=input \comment=”ANTI NETCUT” disabled=no \dst-port=0-65535 protocol=tcp \src-address=67.195.134.1-67.195.134.254

add action=accept chain=input \comment=”ANTI NETCUT” disabled=no \dst-port=0-65535 protocol=tcp \src-address=68.142.233.1-68.142.233.254

add action=accept chain=input \comment=”ANTI NETCUT” disabled=no dst-port=\0-65535 protocol=tcp \src-address=68.180.217.1-68.180.217.254

add action=accept chain=input \comment=”ANTI NETCUT” disabled=no \dst-port=0-65535 protocol=tcp \src-address=203.84.204.1-203.84.204.254

add action=accept chain=input \comment=”ANTI NETCUT” disabled=no \dst-port=0-65535 protocol=tcp \src-address=69.63.176.1-69.63.176.254

add action=accept chain=input \comment=”ANTI NETCUT” \disabled=no dst-port=0-65535 protocol=tcp \src-address=69.63.181.1-69.63.181.254

add action=accept chain=input \comment=”ANTI NETCUT” \disabled=no dst-port=0-65535 protocol=tcp \src-address=63.245.209.1-63.245.209.254

add action=accept chain=input \comment=”ANTI NETCUT” disabled=no dst-port=\0-65535 protocol=tcp \src-address=63.245.213.1-63.245.213.254

hasilnya seperti gambar di bawah ini:



Ip Firewall Mangle

o

Ini Scripts Mangle Squid Hit,DSCP=12 untuk me Loss kan proxy dari limit client,Di queue tree saya

buat 80 MB Posisi di mangle paling di letakkan paling atas=

Pastekan di

“New Terminal”

winbox

/ip firewall mangle

o

Scripts mangle untuk menstabilkan ping jika koneksi padat dan DNS=

Pastekan di

“New Terminal”

winbox

/ip firewall mangle

add action=mark-connection chain=prerouting comment=ICMP new-connection mark=”luqincom.net I” passthrough=yes protocol=icmp

add action=change-dscp chain=prerouting connection-mark=\”luqincom.net I” new-dscp=1 passthrough=yes

add action=mark-packet chain=prerouting connection-mark=\“luqincom.net I” new-packet-mark=\“luqincom.net I” passthrough=no

add action=mark-connection chain=prerouting comment=DNS dst-port=\53 new-connection-mark=”luqincom.net D” passthrough=yes \protocol=tcp

add action=mark-connection chain=prerouting dst-port=53 \new-connection mark=”luqincom.net D” passthrough=yes protocol=\udp

add action=change-dscp chain=prerouting connection-mark=\”luqincom.net D” new-dscp=1 passthrough=yes

add action=mark-packet chain=prerouting connection-mark=\”luqincom.net D” new-packet-mark=\”luqincom.net D” passthrough=no

o

Ini Di bawah Scripts untuk Game Online dan Game Facebook:

Edit Sebelum di Pastekan di

“New Terminal”

winbox

/ip firewall mangle

add action=mark-connection chain=prerouting comment=”GAME ONLINE” disabled=no\ dst-port=1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777 \ new-connection-mark="luqincom.net GO" passthrough=yes \

protocol=tcp

add action=mark-connection chain=prerouting disabled=no

dst- port=”73417350,74\51,8085,9600,9601-9602,9300,9400,9700,9376-9377,10001-10011,40000” \new-connection-mark="luqincom.net GO" passthrough=yes \ protocol=tcp

add action=mark-connection chain=prerouting disabled=no

dst- port=”73417350,74\51,8085,9600,9601-9602,9300,9400,9700,9376-9377,10001-10011,40000” \new-connection-mark=”luqincom.net GO” passthrough=yes \ protocol=tcp

add action=mark-connection chain=prerouting disabled=no dst

port=”10009,13008,\16666,28012,11011-11041,10402,11031,12011,12110,13413,15000-15002,15001,15\002” new-connection-mark=”luqincom.net GO” passthrough=yes \protocol=tcp

add action=mark-connection chain=prerouting disabled=no dst-port=”1640216502,\18901

18909,19000,19101,22100,27780,29000,29200,39100,39110,39220,39190,49\ 100” new-connection-mark=”luqincom.net GO” passthrough=yes \protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-port=\

14009-14010,14300,14301,14403,7000,14500 new-connection-mark=\”luqincom.net GO” passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting disabled=no dst

42052,11100-11125,11440-11460 new-connection-mark=\ “luqincom.net GO” passthrough=yes protocol=udp

add action=mark-connection chain=prerouting disabled=no dst-port=14009-14010 \ new-connection-mark="luqincom.net GO" passthrough=yes \

protocol=udp

add action=mark-packet chain=prerouting connection-mark=\ "luqincom.net GO" disabled=no new-packet-mark=\

"luqincom.net GO" passthrough=no

add action=mark-connection chain=prerouting comment="GAME FACEBOOK" disabled=\ no dst-port=843,9339 new-connection-mark="luqincom.net GF" \

passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting connection-mark=\ "luqincom.net GF" disabled=no new-packet-mark=\

"luqincom.net GF" passthrough=no

o

Ini Di bawah adalah Scripts dan lain lain nya…di bawah port 1935 dalah port tv online..jika ada port

lain silahkan tambah dengna pembatas koma:

Pastekan di

“New Terminal”

winbox

/ip firewall mangle

add action=mark-connection chain=prerouting comment=DLL disabled=no dst-port=\ 1935 new-connection-mark="luqincom.net DLL" passthrough=yes \

protocol=tcp

add action=mark-packet chain=forward connection-mark=\ "luqincom.net DLL" disabled=no new-packet-mark=\

"luqincom.net DLL" passthrough=no

o

Di bawah ini adalah scripts Https:

Pastekan di

“New Terminal”

winbox

/ip firewall mangle

add action=mark-connection chain=postrouting comment=HTTPS disabled=no \ dst-port=443 new-connection-mark="luqincom.net H" passthrough=\

yes protocol=tcp

add action=mark-packet chain=postrouting connection-mark=\ "luqincom.net H" disabled=no new-packet-mark=\

"luqincom.net H" passthrough=no

o

Ini Di bawah Scripts mangle untuk Limit extention (yang download rar,zip,exe,dll ) akan di limit dan

Bisa di perhatikan setiap paket layer 7 di bawah mempunyai connection mark,beda dengan tutorial

sebelumnya:

Pastekan di

“New Terminal”

winbox

/ip firewall mangle

add action=mark-connection chain=forward comment="LIMIT EXTENTION" disabled=\ no layer7-protocol="YOUTUBE DOWNLOAD" new-connection-mark=\

"YOUTUBE DOWNLOAD" passthrough=yes

add action=mark-packet chain=forward connection-mark="YOUTUBE DOWNLOAD" \ disabled=no new-packet-mark="YOUTUBE DOWNLOAD" \

passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=\ "YOUTUBE STREAMING" new-connection-mark="YOUTUBE STREAMING" passthrough=\ yes

add action=mark-packet chain=forward connection-mark="YOUTUBE STREAMING" \ disabled=no new-packet-mark="YOUTUBE STREAMING" \

passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=TUBE \ new-connection-mark=PORN1 passthrough=yes

add action=mark-packet chain=forward connection-mark=PORN1 disabled=no \ new-packet-mark=PORN1 passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=PORN \ new-connection-mark=PORN2 passthrough=yes

add action=mark-packet chain=forward connection-mark=PORN2 disabled=no \ new-packet-mark=PORN2 passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=VIDEO \ new-connection-mark=PORN3 passthrough=yes

add action=mark-packet chain=forward connection-mark=PORN3 disabled=no \ new-packet-mark=PORN3 passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=MOVIE \ new-connection-mark=PORN4 passthrough=yes

add action=mark-packet chain=forward connection-mark=PORN4 disabled=no \ new-packet-mark=PORN4 passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=MKV \ new-connection-mark=MKV passthrough=yes

add action=mark-packet chain=forward connection-mark=MKV disabled=no \ new-packet-mark=MKV passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=MP3 \ new-connection-mark=MP3 passthrough=yes

add action=mark-packet chain=forward connection-mark=MP3 disabled=no \ new-packet-mark=MP3 passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=MP4 \ new-connection-mark=MP4 passthrough=yes

add action=mark-packet chain=forward connection-mark=MP4 disabled=no \ new-packet-mark=MP4 passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=ZIP \ new-connection-mark=ZIP passthrough=yes

add action=mark-packet chain=forward connection-mark=ZIP disabled=no \ new-packet-mark=ZIP passthrough=no

add action=mark-packet chain=forward connection-mark=EXE disabled=no \ new-packet-mark=EXE passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=FLV \ new-connection-mark=FLV passthrough=yes

add action=mark-packet chain=forward connection-mark=FLV disabled=no \ new-packet-mark=FLV passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=ISO \ new-connection-mark=ISO passthrough=yes

add action=mark-packet chain=forward connection-mark=ISO disabled=no \ new-packet-mark=ISO passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=MOV \ new-connection-mark=MOV passthrough=yes

add action=mark-packet chain=forward connection-mark=MOV disabled=no \ new-packet-mark=MOV passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=MPEG \ new-connection-mark=MPEG passthrough=yes

add action=mark-packet chain=forward connection-mark=MPEG disabled=no \ new-packet-mark=MPEG passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=MPG \ new-connection-mark=MPG passthrough=yes

add action=mark-packet chain=forward connection-mark=MPG disabled=no \ new-packet-mark=MPG passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=WAV \ new-connection-mark=WAV passthrough=yes

add action=mark-packet chain=forward connection-mark=WAV disabled=no \ new-packet-mark=WAV passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=RAR \ new-connection-mark=RAR passthrough=yes

add action=mark-packet chain=forward connection-mark=RAR disabled=no \ new-packet-mark=RAR passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=WMV \ new-connection-mark=WMV passthrough=yes

add action=mark-packet chain=forward connection-mark=WMV disabled=no \ new-packet-mark=WMV passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=3GP \ new-connection-mark=3GP passthrough=yes

add action=mark-packet chain=forward connection-mark=3GP disabled=no \ new-packet-mark=3GP passthrough=no

add action=mark-connection chain=forward disabled=no layer7-protocol=7z \ new-connection-mark=7z passthrough=yes

add action=mark-packet chain=forward connection-mark=7z disabled=no \ new-packet-mark=7z passthrough=no

o

Ini Di bawah Scripts mangle Untuk pembagian otomatis bandwidth browsing Upload dan

Download,Sesuaikan network yang kolom bewarna

merah

dengan network proxy anda=

Bisa di perhatikan paket di bawah menggunakan postrouting dan in interface proxy yang akan

membuat lebih Besar HIT nya,beda dengan tutorial sebelumnya:

/ip firewall mangle

add action=mark-connection chain=prerouting comment=HTTP disabled=no \ dst-port=80 in-interface=proxy new-connection-mark=\

"luqincom.net HTTP" passthrough=yes protocol=tcp

add action=mark-packet chain=postrouting connection-mark=\ "luqincom.net HTTP" disabled=no dst-address=192.168.254.0/24 \ new-packet-mark="luqincom.net HTTP D" passthrough=no

add action=mark-packet chain=postrouting connection-mark=\ "luqincom.net HTTP" disabled=no new-packet-mark=\

"luqincom.net HTTP U" passthrough=no src-address=\

192.168.254.0/24

hasilnya seperti gambar di bawah ini:



Queue Type

Di bawah adalah Queue type untuk Bandwidth 3 MB,Jika Bandwidth anda 2 MB silahkan ganti

tulisan yang berwarna

merah

(3000) menjadi 2000 , dan upload di bawah adalah 512KB ,jika anda

mempunyai upload yang berbeda silahkan sesuaikan

Edit sebelum di Pastekan di

“New Terminal”

winbox

/queue type

add kind=pcq name="PROXY DOWN" pcq-burst-rate=0 pcq-burst-threshold=0 \ pcq-burst-time=10s pcq-classifier=\

src-address,dst-address,src-port,dst-port pcq-dst-address-mask=32 \

pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=0 pcq-src-address-mask=32 \ pcq-src-address6-mask=128 pcq-total-limit=3000

add kind=pcq name=DOWN pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=\ 5s pcq-classifier=dst-address,dst-port pcq-dst-address-mask=32 \

pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=0 pcq-src-address-mask=32 \ pcq-src-address6-mask=128 pcq-total-limit=3000

add kind=pcq name=UP pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=\ 10s pcq-classifier=src-address,src-port pcq-dst-address-mask=32 \

pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=0 pcq-src-address-mask=32 \ pcq-src-address6-mask=128 pcq-total-limit=512

add kind=pfifo name=PING pfifo-limit=64

add kind=pcq name=DLL pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=\ 10s pcq-classifier=src-address,dst-address,src-port,dst-port \

pcq-dst-address-mask=32 pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=0 \ pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=3000

add kind=pcq name=HTTPS pcq-burst-rate=0 pcq-burst-threshold=0 \ pcq-burst-time=10s pcq-classifier=\

src-address,dst-address,src-port,dst-port pcq-dst-address-mask=32 \

pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=0 pcq-src-address-mask=32 \ pcq-src-address6-mask=64 pcq-total-limit=3000

o

Di bawah ini adalah queue tree “ALL DOWN” yang child nya nanti adalah A.BROWSING,

C.HTTPS, D.LIMIT EXTENTION, E.DLL yang bertulisan

merah

di bawah 2800k untuk

bandwidth 3 MB ,200k saya sisakan , silahkan sesuaikan dengan bandwidth anda:

Edit sebelum di Pastekan di

“New Terminal”

winbox

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=2800k name="4.ALL DOWN" packet-mark="" parent=global-out \

priority=3

o

Dibawah ini adalah queue tree “LIMIT EXTENTION” yang childnya nanti

adalah ZIP,RAR,YOUTUBE dan lain-lain , yang bertulisan merah di bawah ini

1500k

adalah

setengah dari total bandwidth,silahkan sesuaikan dengan bandwidth anda:

Edit sebelum di Pastekan di

“New Terminal”

winbox

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=1500k name="D.LIMIT EXTENTION" packet-mark="" parent=\

"4.ALL DOWN" priority=4

o

Di bawah ini adalah queue tree “YOUTUBE” yang nantinya childnya adalah YOUTUBE

STREAMING dan YOUTUBE DOWNLOAD :

Pastekan di

“New Terminal”

winbox

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=YOUTUBE packet-mark="" parent="D.LIMIT EXTENTION" \

priority=4

o

Di bawah ini adalah queue tree “PORN” yang nantinya childnya adalah PORN1, PORN2, PORN3,

PORN4:

Pastekan di

“New Terminal”

winbox

/queue tree

o

Di bawah Ini adalah queue tree “GAME” yang nantinya childnya adalah GAME

ONLINE dan GAME FACEBOOK , yang bertulisan

merah

di bawah silahkan disesuaikan dengan

bandwidth anda:

Edit sebelum di Pastekan di

“New Terminal”

winbox

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=512k \ max-limit=3M name=3.GAME packet-mark="" parent=global-out priority=2

o

Di bawah ini adalah queue tree “BROWSING DOWNLOAD”:

Pastekan di

“New Terminal”

winbox

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=A.BROWSING packet-mark="luqincom.net HTTP D" \

parent="4.ALL DOWN" priority=3 queue=DOWN

o

Di bawah ini adalah queue tree “BROWSING UPLOAD” , yang bertulisan

merah

di bawah

silahkan sesuaikan dengan bandwidth anda:

Edit sebelum di Pastekan di

“New Terminal”

winbox

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=300k name="2.BROWSING UPLOAD" packet-mark=\

"luqincom.net HTTP U" parent=global-out priority=2 queue=UP

o

Di bawah ini adalah queue tree LIMIT EXTENTION RAR,ZIP,YOUTUBE dan lain-lain:

Pastekan di

“New Terminal”

winbox

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="YOUTUBE STREAMING" packet-mark="YOUTUBE STREAMING" \ parent=YOUTUBE priority=4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=MKV packet-mark=MKV parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=MP3 packet-mark=MP3 parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=ZIP packet-mark=ZIP parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=EXE packet-mark=EXE parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=ISO packet-mark=ISO parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=AVI packet-mark=AVI parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=MOV packet-mark=MOV parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=MPEG packet-mark=MPEG parent="D.LIMIT EXTENTION" \

priority=4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=MPG packet-mark=MPG parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=RAR packet-mark=RAR parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=WAV packet-mark=WAV parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=WMV packet-mark=WMV parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=3GP packet-mark=3GP parent="D.LIMIT EXTENTION" priority=\ 4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=7z packet-mark=7z parent="D.LIMIT EXTENTION" priority=4 \ queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="YOUTUBE DOWNLOAD" packet-mark="YOUTUBE DOWNLOAD" \

parent=YOUTUBE priority=4 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=PORN1 packet-mark=PORN1 parent=PORN priority=4 queue=\ DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=PORN2 packet-mark=PORN2 parent=PORN priority=4 queue=\ DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=PORN3 packet-mark=PORN3 parent=PORN priority=4 queue=\ DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name=PORN4 packet-mark=PORN4 parent=PORN priority=4 queue=\ DOWN

o

Di bawah ini adalah queue tree “PROXY HIT” dengan limit 80M:

Pastekan di

“New Terminal”

winbox

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=80M \ max-limit=80M name="1.PROXY HIT" packet-mark=\

"luqincom.net SPH" parent=local priority=2 queue="PROXY DOWN"

o

Di bawah ini adalah queue tree “GAME ONLINE dan GAME FACEBOOK”:

Pastekan di

“New Terminal”

winbox

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="A.GAME ONLINE" packet-mark="luqincom.net GO" \

parent=3.GAME priority=2 queue=DOWN

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=0 name="B.GAME FACEBOOK" packet-mark=\

"luqincom.net GF" parent=3.GAME priority=2 queue=DOWN

o

Di bawah ini adalah queue tree HTTPS ,yg bertulisan

merah

di bawah ini silahkan sesuaikan dengan

bandwidth anda (recomendasi 75% dari bandwidth) :

Edit sebelum di Pastekan di

“New Terminal”

winbox

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=2M name=C.HTTPS packet-mark="luqincom.net H" parent=\

"4.ALL DOWN" priority=2 queue=HTTPS

o

Di bawah ini adalah queue tree DLL,yang bertulisan

merah

di bawah silahkan sesuaikan dengan

bandwidth anda (recomendasi 30% dari bandwidth):

Edit sebelum di Pastekan di

“New Terminal”

winbox

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=1M name=E.DLL packet-mark="luqincom.net DLL" parent=\

"4.ALL DOWN" priority=8 queue=DLL

o

Di bawah ini adalah queue tree ICMP dan DNS:

/queue tree

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100M \ max-limit=100M name=4.ICMP packet-mark="luqincom.net I" \

parent=global-out priority=1 queue=PING

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100M \ max-limit=100M name=6.DNS packet-mark="luqincom.net D" parent=\

global-out priority=1 queue=PING

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100M \ max-limit=100M name=5.ICMP packet-mark="luqincom.net I" \

parent=public priority=1 queue=PING

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=100M \ max-limit=100M name=7.DNS packet-mark="luqincom.net D" parent=\

public priority=1 queue=PING

hasilnya seperti gambar di bawah ini:

Catatan Penting:



Bgi yang mempunyai Mikrotik Routerboard CPU Frequency di bawah 600 Mhz seperti

RB750,RB750G,RB,RB750UP,RB,Dll,CPU Frequency bisa di lihat di Winbox

bagian

“System”

kemudian

“Resources”

o

Harap Di edit Priority Queue Tree nya sebagai berikut ,Double Klik Point di bawah ini dan Edit

Prioritynya:



1.PROXY HIT : Priority : 1



4.ALL HTTP DOWN : Priority : 8



A.BROWSING : Priority : 8



C.HTTPS: Priority : 8



D.LIMIT EXTENTION: Priority : 8



3GP,7z,AVI,EXE,FLV,ISO,MKV,MOV,MP3,MP4,MPEG,MPG,PORN,PORN1,PORN2,PORN3,PO

RN4,RAR : Priority : 8



YOUTUBE,YOUTUBE DOWNLOAD,YOUTUBE STREAMING,ZIP : Priority : 8



E.DLL : Priority : 8

o

Tujuan..karna Processor kurang cepat jadi mesti di jauhkan priority dari PROXY HIT dengan yang

lainnya..supaya terbaca Hit dahulu baru yang lain

o

dan jangan Lupa habis di setting restart Mikrotik anda

Selesai ..dan selamat mencoba…..